IN THE CLAIMS: 



Claims 1-15 (Canceled) 

16. (Currently Amended) A computer program product for assessing security of a 
network perimeter: the computer program product c omprising: a computer usable m e dium 
having a computer readable program embodied in the medium, wherein the computer 
r e adabl e program when executed on a computing device is operable to cause th e 
computing device to: 

one or more computer-readable tangible storage devices and program instructions 

stored on at least one of the one or more storage devices, the program instructions 
comprising: 

program instructions to r eview security of thea network perimeter archit e ctureb y 
executing tests to attempt to circumvent security controls of the network perimeter : 

program instructions to r eview security of a firewall at data processing devices that 
transfer data across the network p erimeter of the notwor kb v analyzing message flow rules 
of the Firewall : 

program instructions to r eview security of an applications that transfers data across 
sat 4the network perimete r by analyzing message flows and a protocol used by the 
a pplication : 

program instructions to review security of an authentication computer from attack, 

the authentication computer residing within the network perimeter and authenticating users 
outside of the network perimeter that request access to an application within the network 
perimeter: 
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program instructions to r eview vulnerability e ^f a gateway computer at the 
network perimete r applications or data proccsGing devic e s within said perimeter from 
a pplications c omputers or us e rs outside of thesai4 network p erimete r bv scanning ports on 
the gateway computer to determine whether unauthorized services from the applications 
outside the network perimeter are available within the network perimeter via the gateway 
computer, and determining and executing penetration tests on the gateway computer to 
attempt to exploit a vulnerability of the gateway computer as revealed bv the scanning of 
the ports on the gateway computer : and 

program instructions to g enerate a report o fconceming security of sat dthe network 
perimeter based upon results generated bv the program instructions to review security of 
the network perimeter, the program instructions to review security of the firewall, the 
program instructions to review security of applications that transfer data across the network 
perimeter, the program instructions to review security of the authentication computer, and 
the program instructions to review vulnerability of the gateway computer at the network 
perimeter, all said reviews. 

Claims 17-20 (Canceled) 

Please enter new claims 21-31, as follows: 

21 . (New) The computer program product of claim 16 wherein the program 
instructions to review security of a firewall including program instructions to assess 
protection by the firewall against probing into the network perimeter apart from 
vulnerability to subsequent related attack via the firewall, based in part on the message 
flow rules of the firewall. 
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22. (New) The computer program product of claim 23 further comprising program 
instnictions, stored on at least one of the one or more storage devices, to review security of 
the application that transfers data across the network perimeter based on a location of data 
transferred by the application and whether the transferred data is encrypted. 

23. (New) The computer program product of claim 16 wherein the application that 
transfers data across the network perimeter is installed in a computer system, and further 
comprising program instructions, stored on at least one of the one or more storage devices, 
to scan ports of the computer system to determine whether unauthorized services are 
available within the network perimeter from the computer system, and identify and execute 
penetration tests on the computer system to attempt to exploit a vulnerability of the 
computer system as revealed by the scanning of the ports on the computer system. 

24. (New) The computer program product of claim 16 further comprising program 
instructions, stored on at least one of the one or more storage devices, to review security of 
a server computer within the network perimeter that provides data to an application outside 
of the perimeter. 

25. (New) The computer program product of claim 16 further comprising program 
instructions, stored on at least one of the one or more storage devices, to review security of 
the application that transfers data across the network perimeter based on a location of data 
transferred by the application and whether the transferred data is encrypted. 
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26. (New) A computer system for assessing security of a network perimeter, the 
computer system comprising: 

one or more processors, one or more computer-readable memories, one or more 
computer-readable tangible storage devices, and program instructions stored on at least one 
of the one or more storage devices for execution by at least one of the one or more 
processors via at least one of the one or more memories, the program instructions 
comprising: 

program instructions to review security of the network perimeter by executing tests 
to attempt to circumvent security controls of the network perimeter; 

program instructions to review security of a firewall at the network perimeter by 
analyzing message flow rules of the firewall; 

program instructions to review security of an application that transfers data across 
the network perimeter by analyzing message flows and a protocol used by the application; 

program instructions to review security of an authentication computer from attack, 
the authentication computer residing within the network perimeter and authenticating users 
outside of the network perimeter that request access to an application within the network 
perimeter; 

program instructions to review vulnerability of a gateway computer at the network 
perimeter from applications outside of the network perimeter by scanning ports on the 
gateway computer to determine whether unauthorized services from the applications 
outside the network perimeter are available within the network perimeter via the gateway 
computer, and determining and executing penetration tests on the gateway computer to 
attempt to exploit a vulnerability of the gateway computer as revealed by the scanning of 
the ports on the gateway computer; and 
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program instructions to generate a report of security of the network perimeter based 
upon results generated by the program instructions to review security of the network 
perimeter, the program instructions to review security of the firewall, the program 
instructions to review security of applications that transfer data across the network 
perimeter, the program instructions to review security of the authentication computer, and 
the program instructions to review vulnerability of the gateway computer at the network 
perimeter. 

27. (New) The computer system of claim 26 wherein the program instructions to 
review security of a firewall including program instructions to assess protection by the 
firewall against probing into the network perimeter apart from vulnerability to subsequent 
related attack via the firewall, based in part on the message flow rules of the firewall. 

28. (New) The computer system of claim 27 further comprising program instructions, 
stored on at least one of the one or more storage devices for execution by at least one of the 
one or more processors via at least one of the one or more memories, to review security of 
the application that transfers data across the network perimeter based on a location of data 
transferred by the application and whether the transferred data is encrypted. 

29. (New) The computer system of claim 26 wherein the application that transfers data 
across the network perimeter is installed in a computer system, and further comprising 
program instructions, stored on at least one of the one or more storage devices, to scan 
ports of the computer system to determine whether unauthorized services are available 
within the network perimeter from the computer system, and identify and execute 
penetration tests on the computer system to attempt to exploit a vulnerability of the 
computer system as revealed by the scanning of the ports on the computer system. 
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30. (New) The computer system of claim 26 further comprising program instructions, 
stored on at least one of the one or more storage devices for execution by at least one of the 
one or more processors via at least one of the one or more memories, to review security of 
a server computer within the network perimeter that provides data to an application outside 
of the perimeter. 

3 1 . (New) The computer system of claim 26 further comprising program instructions, 
stored on at least one of the one or more storage devices for execution by at least one of the 
one or more processors via at least one of the one or more memories, to review security of 
the application that transfers data across the network perimeter based on a location of data 
transferred by the application and whether the transferred data is encrypted. 
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32. (New) A computer program product for assessing security of a network perimeter, 
the computer program product comprising: 

one or more computer-readable tangible storage devices and program instructions 
stored on at least one of the one or more storage devices, the program instructions 
comprising: 

program instructions to review security of an authentication computer from attack, 
the authentication computer residing within the network perimeter and authenticating users 
outside of the network perimeter that request access to an application within the network 
perimeter; 

program instructions to review vulnerability of a gateway computer at the network 
perimeter from applications outside of the network perimeter by scanning ports on the 
gateway computer to determine whether an unauthorized service from an application 
outside the network perimeter is available within the network perimeter via the gateway 
computer; and 

program instructions to generate a report of security of the network perimeter based 
upon results generated by the program instructions to review security of the authentication 
computer, and the program instructions to review vulnerability of the gateway computer at 
the network perimeter. 

33. (New) The computer program product of claim 32 further comprising program 
instructions, stored on at least one of the one or more storage devices, to assess protection 
by a firewall against probing into the network perimeter apart from vulnerability to 
subsequent related attack via the firewall, based in part on the message flow rules of the 
firewall. 
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34. (New) The computer program product of claim 33 further comprising program 
instructions, stored on at least one of the one or more storage devices, to review security of 
an application that transfers data across the network perimeter based on a location of data 
transferred by the application and whether the transferred data is encrypted. 

35. (New) The computer program product of claim 34 wherein the apphcation that 
transfers data across the network perimeter is installed in a computer system, and further 
comprising program instructions, stored on at least one of the one or more storage devices, 
to scan ports of the computer system to determine whether unauthorized services are 
available within the network perimeter from the computer system, and identify and execute 
penetration tests on the computer system to attempt to exploit a vulnerability of the 
computer system as revealed by the scanning of the ports on the computer system. 

36. (New) The computer program product of claim 32 further comprising program 
instructions, stored on at least one of the one or more storage devices, to review security of 
a server computer within the network perimeter that provides data to an application outside 
of the perimeter. 

37. (New) The computer program product of claim 32 further comprising program 
instructions, stored on at least one of the one or more storage devices, to review security of 
an application that transfers data across the network perimeter based on a location of data 
transferred by the application and whether the transferred data is encrypted. 
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